公开(公告)号：US10367740B2

公开(公告)日：2019-07-30

申请号：US14711096

申请日：2015-05-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Dacheng Zhang ,  Yuchen Wang ,  Jian Meng

IPC: H04L12/803 ,  H04L12/26 ,  H04L12/24

Abstract: A control method, system and apparatus for flow detection, a controller and a detection device. The method includes the controller acquires a flow identifier of a flow to be detected by each flow detection module in a network; adjusts the flow to be detected by each flow detection module according to a set load balancing policy; and delivers a detection instruction to each flow detection module, where the detection instruction includes a flow identifier of a flow to be detected by each flow detection module after the adjustment. In the present invention, because multiple flow detection modules are deployed in a network in a distributed manner, when there are a large number of switching devices included in the network, load balancing can be performed for detection of flows transmitted between these switching devices.

公开(公告)号：US20140380415A1

公开(公告)日：2014-12-25

申请号：US14482210

申请日：2014-09-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yuchen Wang ,  Dacheng Zhang ,  Jian Meng

IPC: H04L29/06 ,  H04L12/26

CPC classification number: H04L63/1416 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L43/026 ,  H04L43/04 ,  H04L63/08 ,  H04L63/20

Abstract: A method and a device for synchronizing network data flow detection status are provided. The method includes: a status synchronizing server receives a first request sent by a first security device node, where the first request carries a first flow entry of a first data flow that is currently detected by the first security device node; determines first network data flow detection status corresponding to the first flow entry; sends a first response to the first security device node, where the first response carries the first network data flow detection status. A security device node requests previous network data flow detection status of a data flow from a status synchronizing server so as to synchronize network data flow detection status, thereby allowing the security device node to detect a network attack in a more accurate way and improving network system security.

Abstract translation: 提供了一种用于同步网络数据流检测状态的方法和设备。 该方法包括：状态同步服务器接收由第一安全设备节点发送的第一请求，其中第一请求携带当前由第一安全设备节点检测到的第一数据流的第一流入口; 确定对应于第一流入口的第一网络数据流检测状态; 向第一安全设备节点发送第一响应，其中第一响应携带第一网络数据流检测状态。 安全设备节点从状态同步服务器请求数据流的先前网络数据流检测状态，以同步网络数据流检测状态，从而允许安全设备节点以更准确的方式检测网络攻击并改进网络系统 安全。

公开(公告)号：US09729560B2

公开(公告)日：2017-08-08

申请号：US14482210

申请日：2014-09-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yuchen Wang ,  Dacheng Zhang ,  Jian Meng

IPC: G06F17/00 ,  H04L29/06 ,  H04L12/26 ,  G06F9/455

CPC classification number: H04L63/1416 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L43/026 ,  H04L43/04 ,  H04L63/08 ,  H04L63/20

Abstract: A method and a device for synchronizing network data flow detection status are provided. The method includes: a status synchronizing server receives a first request sent by a first security device node, where the first request carries a first flow entry of a first data flow that is currently detected by the first security device node; determines first network data flow detection status corresponding to the first flow entry; sends a first response to the first security device node, where the first response carries the first network data flow detection status. A security device node requests previous network data flow detection status of a data flow from a status synchronizing server so as to synchronize network data flow detection status, thereby allowing the security device node to detect a network attack in a more accurate way and improving network system security.

公开(公告)号：US20150249608A1

公开(公告)日：2015-09-03

申请号：US14711096

申请日：2015-05-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Dacheng Zhang ,  Yuchen Wang ,  Jian Meng

IPC: H04L12/803 ,  H04L12/24

CPC classification number: H04L47/125 ,  H04L41/0893 ,  H04L43/026 ,  H04L43/12

Abstract: A control method, system and apparatus for flow detection, a controller and a detection device. The method includes the controller acquires a flow identifier of a flow to be detected by each flow detection module in a network; adjusts the flow to be detected by each flow detection module according to a set load balancing policy; and delivers a detection instruction to each flow detection module, where the detection instruction includes a flow identifier of a flow to be detected by each flow detection module after the adjustment. In the present invention, because multiple flow detection modules are deployed in a network in a distributed manner, when there are a large number of switching devices included in the network, load balancing can be performed for detection of flows transmitted between these switching devices.

Abstract translation: 用于流量检测的控制方法，系统和装置，控制器和检测装置。 该方法包括控制器获取由网络中的每个流量检测模块检测的流的流标识符; 根据设定的负载平衡策略调整每个流量检测模块检测的流量; 并向每个流量检测模块传送检测指令，其中检测指令包括在调整之后由每个流量检测模块检测的流量的流标识符。 在本发明中，由于多个流量检测模块以分布式方式部署在网络中，所以当网络中包含大量交换设备时，可以进行负载平衡以检测在这些交换设备之间传输的流量。